Text Exploits
31,341 exploits tracked across all sources.
Microvirt MEMU Play 3.7.0 - Code Injection
Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with elevated LocalSystem privileges.
by SamAlucard
CVSS 7.8
Magic Mouse 2 Utilities <2.20 - Privilege Escalation
Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain elevated system privileges by placing a malicious file in the service path.
by SamAlucard
CVSS 7.8
KMSpico 17.1.0.0 - Code Injection
KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\Service_KMS.exe to inject malicious executables and escalate privileges.
by SamAlucard
CVSS 7.8
Deep Instinct Windows Agent 1.2.24.0 - Privilege Escalation
Deep Instinct Windows Agent 1.2.24.0 contains an unquoted service path vulnerability in the DeepNetworkService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepNetworkService.exe to inject malicious code that would execute with LocalSystem permissions during service startup.
by Paulina Girón
CVSS 7.8
HTC IPTInstaller 4.0.9 - Code Injection
HTC IPTInstaller 4.0.9 contains an unquoted service path vulnerability in the PassThru Service configuration. Attackers can exploit the unquoted binary path to inject and execute malicious code with elevated LocalSystem privileges.
by SamAlucard
CVSS 7.8
Motorola Device Manager 2.5.4 - Code Injection
Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system privileges during service startup.
by Angel Canseco
CVSS 7.8
Motorola Device Manager 2.4.5 - Code Injection
Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges during service startup.
by Angel Canseco
CVSS 7.8
Motorola Device Manager 2.4.5 - Code Injection
Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in ForwardDaemon.exe to inject malicious code that will execute with elevated system privileges during service startup.
by Angel Canseco
CVSS 7.8
Flexsense DiskBoss 11.7.28 - Privilege Escalation
Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any of its services, enabling remote code execution during startup or reboot with escalated privileges. Attackers can exploit the unquoted service path vulnerability by specifying a malicious service name in the 'sc qc' command, allowing them to execute arbitrary system commands.
by Mohammed Alshehri
Winstep 18.06.0096 - 'Xtreme Service' Unquoted Service Path
by SamAlucard
Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path
by Julio Aviña
RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path
by Erick Galindo
Realtek Audio Service 1.0.0.55 - 'RtkAudioService64.exe' Unquoted Service Path
by Erika Figueroa
Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path
by Erika Figueroa
Privacy Drive v3.17.0 - 'pdsvc.exe' Unquoted Service Path
by Mohammed Alshehri
OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path
by Julio Aviña
iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path
by Leslie Lara
HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path
by Jocelyn Arenas
HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path
by Julio Aviña
Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path
by SamAlucard
DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path
by SamAlucard
Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path
by Carlos Roa
Joplin < 1.3.11 - XSS
Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note.
by Philip Holbrook
CVSS 6.1
Genexis Platinum 4410 Firmware - CSRF
A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point’s password.
by Jinson Varghese Behanan
CVSS 6.5
By Source